Commit Graph

89623 Commits

Author SHA1 Message Date
Robert Watson
41a17fe326 Clean up locking for the MAC Framework:
(1) Accept that we're now going to use mutexes, so don't attempt
    to avoid treating them as mutexes.  This cleans up locking
    accessor function names some.

(2) Rename variables to _mtx, _cv, _count, simplifying the naming.

(3) Add a new form of the _busy() primitive that conditionally
    makes the list busy: if there are entries on the list, bump
    the busy count.  If there are no entries, don't bump the busy
    count.  Return a boolean indicating whether or not the busy
    count was bumped.

(4) Break mac_policy_list into two lists: one with the same name
    holding dynamic policies, and a new list, mac_static_policy_list,
    which holds policies loaded before mac_late and without the
    unload flag set.  The static list may be accessed without
    holding the busy count, since it can't change at run-time.

(5) In general, prefer making the list busy conditionally, meaning
    we pay only one mutex lock per entry point if all modules are
    on the static list, rather than two (since we don't have to
    lower the busy count when we're done with the framework).  For
    systems running just Biba or MLS, this will halve the mutex
    accesses in the network stack, and may offer a substantial
    performance benefits.

(6) Lay the groundwork for a dynamic-free kernel option which
    eliminates all locking associated with dynamically loaded or
    unloaded policies, for pre-configured systems requiring
    maximum performance but less run-time flexibility.

These changes have been running for a few weeks on MAC development
branch systems.

Approved by:	re (jhb)
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-05-07 17:49:24 +00:00
John Baldwin
664234c6e2 Properly cleanup the stack before jumping to cerror() if rfork(2) fails.
Submitted by:	Igor Sysoev <is@rambler-co.ru>
Approved by:	re (scottl)
2003-05-07 17:23:25 +00:00
John Baldwin
ace85d0a3c Style nits.
Approved by:	re (bmah)
2003-05-07 17:21:38 +00:00
Warner Losh
690f3e8486 Don't use logger by default just yet for unmatched devices. It is a
little too chatty on boot and doesn't give enough information.

Approved by: re@ (bmah)
2003-05-07 15:48:20 +00:00
Poul-Henning Kamp
8b7e2de80c #include <sys/resource.h> to limit ports damage.
Approved by:	re/rwatson
2003-05-07 15:26:43 +00:00
Michael Landin
43713b6deb Add my birthday.
Approved by: roberto (mentor), re(bmah)
2003-05-07 13:28:16 +00:00
Poul-Henning Kamp
2cc9686e52 Hide the "ENOMEM" notice messages behind bootverbose. They are still
a valuable debugging tool for certain kinds of problems.

Approved by:	re/scottl
2003-05-07 05:37:31 +00:00
Robert Watson
430c635447 Correct a bug introduced with reduced TCP state handling; make
sure that the MAC label on TCP responses during TIMEWAIT is
properly set from either the socket (if available), or the mbuf
that it's responding to.

Unfortunately, this is made somewhat difficult by the TCP code,
as tcp_twstart() calls tcp_twrespond() after discarding the socket
but without a reference to the mbuf that causes the "response".
Passing both the socket and the mbuf works arounds this--eventually
it might be good to make sure the mbuf always gets passed in in
"response" scenarios but working through this provided to
complicate things too much.

Approved by:	re (scottl)
Reviewed by:	hsu
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-05-07 05:26:27 +00:00
Bruce A. Mah
713ed07eeb New release notes: Kerberos 5 built by default, krb5 distributed
folded into crypto.

Submitted by:	markm
Approved by:	re (implicitly)
2003-05-07 04:15:57 +00:00
Tom Rhodes
bf88fa9352 df(1) and ls(1) print units in 'four or fewer' not 'three or less'.
PR:		35523
Submitted by:	Tomas Svensson <tsn@gbdev.net>
2003-05-06 21:54:46 +00:00
Bruce A. Mah
cdb16a3551 Version number bump: We're at 5.1-BETA now.
Note that the previous commit message for this file should have read:
"4.8-RELEASE is the latest release from the 4-STABLE branch." [1]

Pointed out by:	Stijn Hoop <stijn@win.tue.nl> [1]
Approved by	re (implicitly)
2003-05-06 21:30:16 +00:00
Robert Watson
688fe1d954 Trim a call to mac_create_mbuf_from_mbuf() since m_tag meta-data
copying for mbuf headers now works properly in m_dup_pkthdr(), so
we don't need to do an explicit copy.

Approved by:	re (jhb)
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-05-06 20:34:04 +00:00
Bruce A. Mah
d7ec3291cb Update supported architectures, use &unix; where appropriate, more
majordomo->mailman fixes, other misc. updates.

Approved by:	re (implicitly)
2003-05-06 20:01:07 +00:00
Bruce A. Mah
a0591bbe96 4.8-RELEASE was the last release from the 4-STABLE branch. 2003-05-06 19:58:10 +00:00
Poul-Henning Kamp
c9e629297a Fix the WARNING for wrong rawoffset, I tested incompatible units.
Approved by:	re/jhb
2003-05-06 19:36:13 +00:00
John Baldwin
6e52134c70 Add PCI ID's for the Intel ICH5 (82801EB) chipset.
Approved by:	re (murray)
Sponsored by:	The Weather Channel
2003-05-06 19:31:56 +00:00
John Baldwin
d40a3f6f47 Add PCI ID's for the 4 USB hubs on the ICH5 controller.
Approved by:	re (murray)
2003-05-06 19:30:41 +00:00
David E. O'Brien
0dc1aeb6ac Consistentify our NO_KERBEROS documentation.
Approved by:	re(bmah)
2003-05-06 19:26:55 +00:00
Hiten Pandya
73692bebe4 malloc(9) types can be used to identify multiple allocations.
PR: docs/38618
Approved by: des (mentor)
2003-05-06 19:10:17 +00:00
Doug Barton
367ff02101 Hook devfs.conf up to the build.
Approved by:	re (scottl)
2003-05-06 07:25:17 +00:00
Dag-Erling Smørgrav
31bd1c5d2d Start mailing -CURRENT tinderbox failures to the lists. 2003-05-06 04:04:02 +00:00
Scott Long
bc2de3dac0 We are now in 5.1-BETA 2003-05-06 03:55:24 +00:00
Dag-Erling Smørgrav
88b1e0bc5b Fix a printf() format error which broke the ia64 GENERIC build. 2003-05-06 03:55:12 +00:00
Gregory Neil Shapiro
f4c5766baa Prevent a 'make SHARED=symlinks install' followed by 'make install' from
failing by removing the symlink before trying to install the actual files.

Noticed by:	bde
MFC after:	5 days
2003-05-06 03:38:24 +00:00
Alan Cox
658ad5fff5 Lock the vm_object when performing vm_pager_deallocate(). 2003-05-06 02:45:28 +00:00
Mike Makonnen
a260623c5f Fix a null dereference leading to a core dump when
the number of threads exceeds the number of open slots
in ldt_entries[].

Approved by:	markm (mentor)(implicit)
Reviewed by:	jeff
2003-05-06 02:33:49 +00:00
Mike Makonnen
ae0df91f34 o Correct a debug message that refered to the wrong function
o Remove an unncecesary if clause

Approved by:	markm (mentor)(implicit)
Reviewd by:	jeff
2003-05-06 02:30:52 +00:00
Mike Makonnen
e27f221c32 s/kadmind5/kadmin/
Approved by:	markm (mentor)
2003-05-06 02:28:03 +00:00
Olivier Houchard
0be8f80357 Don't call timeout() in sis_tick(), this is done earlier by mii_tick(), and it
leads to a panic at unload time, as we own 2 instances of callout and
untimeout() only one.
Will I'm there, remove a call to callout_handler_init(), one is enough.

Reviewed by:	wpaul
2003-05-06 02:00:01 +00:00
Doug Barton
05ca3441c0 Allow users to configure stuff in /dev once again by re-doing the devfs
script to read /etc/devfs.conf, and take appropriate actions based on
what it finds there.

The (commented out) examples in the new devfs.conf file are taken in
part from the old rc.devfs script.
2003-05-06 01:10:33 +00:00
David E. O'Brien
ae362fa12f Back out the amd64 additions. Hammer doesn't do APM, and we certainly aren't
ready for any ibcs2_compat bits yet.
2003-05-06 00:09:51 +00:00
Daniel Eischen
07e6b1c7a3 Make pthread_join() async-cancel-safe. David was going to commit
this, but I think he's asleep and want to be sure it gets in before
the freeze.

Submitted by:	davidxu
2003-05-06 00:02:54 +00:00
David E. O'Brien
8ac66afea9 We won't do APM on Hammer -- ACPI is the game there. 2003-05-05 23:55:43 +00:00
Doug Barton
4460871b32 Add an example of how to create an fstab entry. 2003-05-05 23:41:17 +00:00
Garance A Drosehn
4adea93613 Fix age_old_log checking so that it will notice log files which were
rotated and then compressed with bzip2 instead of gzip.  Otherwise,
any file which had a time-interval specified for 'when' and also
specified the 'J' flag would be rotated every time newsyslog was run.
(this is a quick-fix, trying to beat the code-freeze for 5.1-release)

PR:		bin/51519
MFC after:	1 week
2003-05-05 23:38:03 +00:00
David E. O'Brien
8d5c19ffbc Centralize _PATH_* definitions.
Submitted by:	Tim Kientzle <kientzle@acm.org> (embellished by me)
2003-05-05 22:49:23 +00:00
Garance A Drosehn
bedb455962 Slightly improve the checking of the 'size' field, so people will get
a warning message if they switch the values for 'size' and 'when'.

MFC after:	1 week
2003-05-05 22:27:37 +00:00
Doug Barton
900a41ee73 * Add the nut port from the IANA list (for the nut port)
* Add the rndc port, by common usage (TCP only since rndc doesn't
use UDP, and the port is not officially assigned)
2003-05-05 22:10:14 +00:00
Doug Barton
b4ba05cdc8 Add traditional BSD names (sio[0-3]) to the finger-friendly com[1-4]
entries so that you can do things like 'tip sio1' without having
to remember the DOS equivalent.
2003-05-05 21:37:43 +00:00
Poul-Henning Kamp
4917b55e50 Compile bsdlabel on all platforms.
Install a link to the disklabel(8) name on i386 and alpha platforms.

Leave old disklabel(8) sources intact but disconnected from the build
for now.
2003-05-05 21:28:08 +00:00
John Baldwin
01de25134f Tweak the clearing of TDF_DEADLKTREAT so that we only bother grabbing the
lock and clearing the flag if it was clear when uiomove() was called.
2003-05-05 21:27:29 +00:00
John Baldwin
854dc8c2a1 Mostly sort the includes. 2003-05-05 21:26:25 +00:00
Poul-Henning Kamp
069accaa6a Put descriptive comments on the GEOM_* options 2003-05-05 21:21:31 +00:00
John Baldwin
18440c7fe7 Lock the proc lock around calls to tdsignal() in the sigwait() family of
syscalls.
2003-05-05 21:18:10 +00:00
John Baldwin
6711f10fb6 Make issignal() private to kern_sig.c since it is only called from cursig()
and cursig() is now a function rather than a macro.
2003-05-05 21:16:28 +00:00
Dag-Erling Smørgrav
8b48559cff OpenPAM is WANRS6-clean. 2003-05-05 21:15:35 +00:00
Dag-Erling Smørgrav
a3f59e65f1 Whitespace cleanup (1.15 had spaces instead of tabs) 2003-05-05 21:14:36 +00:00
Dag-Erling Smørgrav
9820f41cd3 Don't use -pedantic unless we also set -std of some kind. 2003-05-05 21:13:32 +00:00
John Baldwin
e668d8d834 Remove TD_ON_RUNQ() from a check to make sure Giant is not held when
calling mi_switch().  The kernel would panic on an earlier KASSERT() in
mi_switch() if TD_ON_RUNQ() was true.
2003-05-05 21:12:36 +00:00
David Malone
710c5645af Split sendit into two parts. The first part, still called sendit, that
does the copyin stuff and then calls the second part kern_sendit to do
the hard work. Don't bother holding Giant during the copyin phase.

The intent of this is to allow the Linux emulator to impliment send*
syscalls without using the stackgap.
2003-05-05 20:33:38 +00:00